Australian banks soft targets for cyber crime: E&Y

Ernst & Young’s global head of information security says Australia’s banks will be increasingly seen as soft targets for cyber criminals, and has backed the view of some state police chiefs that the banks need to do more to share intelligence.

On a flying visit to Australia to meet financial services clients this week, Ken Allan said while banks here suffered fewer attacks than their European or US counterparts, they could be less prepared for criminal attacks as a result.

“Australia doesn’t have that many enemies. You don’t have many groups who are motivated by ideology viewing Australia as a target,” he said. “The downside of that is that it means the readiness to respond to the threats here is probably less.”

Mr Allan said the primary perpetrators of cybercrime are organised crime syndicates.

“They view hacking as an economic activity. There is a cost involved exploiting the weaknesses compared to benefit.” As detection of and response to attacks improve elsewhere, they will target institutions where “the bar is lower”.

He said the US has long had formal, and now increasingly real-time, sharing of information on threats and fraud in the financial services sector between companies, law enforcement and government.

“That’s because an attack on one bank is an attack on the sector,” he said.

“US banks have a very sophisticated formal structure under an organisation called the FS-ISAC (Financial Services Information Sharing and Analysis Center).”

The Victorian Police has also repeatedly attributed a big rise in break-ins and theft to criminals searching for tap-and-go credit cards, and has called for banks and credit card companies to share more information with it on fraud levels.

Card companies and banks say they now have regular meetings with police set up by the Australian Payments and Clearing Association.

They also say fraud levels are very low on contactless cards. But official figures show transactions on lost and stolen cards more than doubled in 2013.

Mr Allan added each institution needs to move from “prevention” of cybercrime to being able to both detect and be ready to respond to it.

There is an extra cost to be able to do this, he said, but as efforts by banks overseas to defend themselves intensify, Australia would have to follow suit.

“We know the leading organisations are taking threats from commercial, law enforcement, from each other, plus all the electronic data feeds that come from intrusion detection systems,” he said.

“All those electronic flags would have been viewed on their own. Where this is evolving is gathering all the data together and looking for anomalies in the data.

“An electronic alert of a denial of service attack might be aligned to another attack in another part of the organisation and only by seeing the correlations can you identify a material breach.”